New-AzSecurityDefenderForContainersAwsOfferingObject

Reference

Module:: Az.Security

Create an in-memory object for DefenderForContainersAwsOffering.

Syntax

New-AzSecurityDefenderForContainersAwsOfferingObject
   [-AutoProvisioning <Boolean>]
   [-CloudWatchToKinesiCloudRoleArn <String>]
   [-ContainerVulnerabilityAssessmentCloudRoleArn <String>]
   [-ContainerVulnerabilityAssessmentTaskCloudRoleArn <String>]
   [-EnableContainerVulnerabilityAssessment <Boolean>]
   [-KinesiToS3CloudRoleArn <String>]
   [-KubeAuditRetentionTime <Int64>]
   [-KuberneteScubaReaderCloudRoleArn <String>]
   [-KuberneteServiceCloudRoleArn <String>]
   [-MdcContainerAgentlessDiscoveryK8SCloudRoleArn <String>]
   [-MdcContainerAgentlessDiscoveryK8SEnabled <Boolean>]
   [-MdcContainerImageAssessmentCloudRoleArn <String>]
   [-MdcContainerImageAssessmentEnabled <Boolean>]
   [-ScubaExternalId <String>]
   [<CommonParameters>]

Description

Create an in-memory object for DefenderForContainersAwsOffering.

Examples

Example 1: Create new DefenderForContainersAwsOffering object

$arnPrefix = "arn:aws:iam::123456789012:role"
New-AzSecurityDefenderForContainersAwsOfferingObject `
    -AutoProvisioning $true -KuberneteServiceCloudRoleArn "$arnPrefix/DefenderForCloud-Containers-K8s" -KuberneteScubaReaderCloudRoleArn "$arnPrefix/DefenderForCloud-DataCollection" `
    -KinesiToS3CloudRoleArn "$arnPrefix/DefenderForCloud-Containers-K8s-kinesis-to-s3" -CloudWatchToKinesiCloudRoleArn "$arnPrefix/DefenderForCloud-Containers-K8s-cloudwatch-to-kinesis" `
    -KubeAuditRetentionTime 30 -ScubaExternalId "a47ae0a2-7bf7-482a-897a-7a139d30736c" `
    -MdcContainerAgentlessDiscoveryK8SEnabled $true -MdcContainerAgentlessDiscoveryK8SCloudRoleArn "$arnPrefix/MDCContainersAgentlessDiscoveryK8sRole" `
    -MdcContainerImageAssessmentEnabled $true -MdcContainerImageAssessmentCloudRoleArn "$arnPrefix/MDCContainersImageAssessmentRole" `
    -EnableContainerVulnerabilityAssessment $false

AutoProvisioning                                 : True
CloudWatchToKinesiCloudRoleArn                   : arn:aws:iam::123456789012:role/DefenderForCloud-Containers-K8s-cloudwatch-to-kinesis
ContainerVulnerabilityAssessmentCloudRoleArn     : 
ContainerVulnerabilityAssessmentTaskCloudRoleArn : 
Description                                      : 
EnableContainerVulnerabilityAssessment           : False
KinesiToS3CloudRoleArn                           : arn:aws:iam::123456789012:role/DefenderForCloud-Containers-K8s-kinesis-to-s3
KubeAuditRetentionTime                           : 30
KuberneteScubaReaderCloudRoleArn                 : arn:aws:iam::123456789012:role/DefenderForCloud-DataCollection
KuberneteServiceCloudRoleArn                     : arn:aws:iam::123456789012:role/DefenderForCloud-Containers-K8s
MdcContainerAgentlessDiscoveryK8SCloudRoleArn    : arn:aws:iam::123456789012:role/MDCContainersAgentlessDiscoveryK8sRole
MdcContainerAgentlessDiscoveryK8SEnabled         : True
MdcContainerImageAssessmentCloudRoleArn          : arn:aws:iam::123456789012:role/MDCContainersImageAssessmentRole
MdcContainerImageAssessmentEnabled               : True
OfferingType                                     : DefenderForContainersAws
ScubaExternalId                                  : a47ae0a2-7bf7-482a-897a-7a139d30736c

Parameters

-AutoProvisioning

Is audit logs pipeline auto provisioning enabled.

Type:	Boolean
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-CloudWatchToKinesiCloudRoleArn

The cloud role ARN in AWS used by CloudWatch to transfer data into Kinesis.

Type:	String
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-ContainerVulnerabilityAssessmentCloudRoleArn

The cloud role ARN in AWS for this feature.

Type:	String
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-ContainerVulnerabilityAssessmentTaskCloudRoleArn

The cloud role ARN in AWS for this feature.

Type:	String
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-EnableContainerVulnerabilityAssessment

Enable container vulnerability assessment feature.

Type:	Boolean
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-KinesiToS3CloudRoleArn

The cloud role ARN in AWS used by Kinesis to transfer data into S3.

Type:	String
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-KubeAuditRetentionTime

The retention time in days of kube audit logs set on the CloudWatch log group.

Type:	Int64
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-KuberneteScubaReaderCloudRoleArn

The cloud role ARN in AWS for this feature used for reading data.

Type:	String
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-KuberneteServiceCloudRoleArn

The cloud role ARN in AWS for this feature used for provisioning resources.

Type:	String
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-MdcContainerAgentlessDiscoveryK8SCloudRoleArn

The cloud role ARN in AWS for this feature.

Type:	String
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-MdcContainerAgentlessDiscoveryK8SEnabled

Is Microsoft Defender container agentless discovery K8s enabled.

Type:	Boolean
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-MdcContainerImageAssessmentCloudRoleArn

The cloud role ARN in AWS for this feature.

Type:	String
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-MdcContainerImageAssessmentEnabled

Is Microsoft Defender container image assessment enabled.

Type:	Boolean
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-ScubaExternalId

The externalId used by the data reader to prevent the confused deputy attack.

Type:	String
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

Outputs

DefenderForContainersAwsOffering

Share via

New-AzSecurityDefenderForContainersAwsOfferingObject

Syntax

Description

Examples

Example 1: Create new DefenderForContainersAwsOffering object

Parameters

-AutoProvisioning

-CloudWatchToKinesiCloudRoleArn

-ContainerVulnerabilityAssessmentCloudRoleArn

-ContainerVulnerabilityAssessmentTaskCloudRoleArn

-EnableContainerVulnerabilityAssessment

-KinesiToS3CloudRoleArn

-KubeAuditRetentionTime

-KuberneteScubaReaderCloudRoleArn

-KuberneteServiceCloudRoleArn

-MdcContainerAgentlessDiscoveryK8SCloudRoleArn

-MdcContainerAgentlessDiscoveryK8SEnabled

-MdcContainerImageAssessmentCloudRoleArn

-MdcContainerImageAssessmentEnabled

-ScubaExternalId

Outputs

Additional resources